Azure Virtual WAN
An Azure virtual networking service that provides optimized and automated branch-to-branch connectivity.
246 questions
0 answers
vWAN Routing Intent Selective Internet bound routes
Hello, I'm trying to figure out if it's possible to configure via Bicep the routing intent policy for a secured virtual hub in a vWAN to set the internet security configuration selectively for individual connections as described in the portal under the…
asked 2025-03-10T18:13:00.87+00:00
Jackson Harris
20
Reputation points
commented 2025-03-11T13:49:49.6+00:00
Jackson Harris
20
Reputation points
1 answer
how can i integrate a huawei virtual router on microsoft azure?
I need to integrate a huawei virtual router on the microsoft azure cloud.
asked 2025-03-05T21:54:30.2933333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(278.4, 9%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EFC%3C/text%3E%3C/svg%3E)
Freddy Casas
0
Reputation points
commented 2025-03-10T21:43:29.7+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(108.80000000000001, 17%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERV%3C/text%3E%3C/svg%3E)
Rohith Vinnakota
3,150
Reputation points Microsoft External Staff
2 answers
Configuring route based VPN using virtual WAN
For a route-based VPN I would typically see config for a VTI, I don't see that anywhere in the virtual wan config for this so im not sure what the IP address of my VTI should be on the other end.
asked 2025-02-19T16:37:24.2533333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(35.2, 60%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EOB%3C/text%3E%3C/svg%3E)
Oliver, Beau
0
Reputation points
commented 2025-02-24T16:45:03.9666667+00:00
Rohith Vinnakota
3,150
Reputation points Microsoft External Staff
1 answer
Azure VPN / Vhub P2S Advertised routes troubleshooting
Good afternoon all, I am having some issues with a VPN P2S i have set up within a vHub, whereby the Azure VPN client is not populating the custom advertised routes listed in the Default route table, and thus the traffic is not routing correctly unless i…
asked 2025-02-12T14:31:28.2+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(124.80000000000001, 1%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ED%3C/text%3E%3C/svg%3E)
Dylan
0
Reputation points
commented 2025-02-19T21:31:06.5133333+00:00
Rohith Vinnakota
3,150
Reputation points Microsoft External Staff
0 answers
BGP sessions over dual VPN Ipsec tunnels only work on Instance 0, Instance1 stays in connecting status, resulting in lost packets
Standard dual-path VPN from Virtual WAN hub to single virtual FortiGate with two public IPs in AWS, using BGP routing. Azure side shows only half of the BGP paths connected (ones related to Instance0 via both VPN tunnels) while virtual FortiGate in AWS…
asked 2023-06-02T06:17:39.1866667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(160, 49%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMP%3C/text%3E%3C/svg%3E)
Martin Petder
0
Reputation points
commented 2025-02-12T12:48:46.22+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(51.2, 28.999999999999996%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERG%3C/text%3E%3C/svg%3E)
Radjin Ghisyawan
0
Reputation points
1 answer
One of the answers was accepted by the question author.
Using BGP peering with Azure route server for hub and spoke model vs Azure VWAN
Our scenario - We have two separate environments setup on Azure as below: 1. Hub and spoke model with third party NVA connected to on-prem with ExpressRoute connection 2. Azure Virtual WAN integrated with Azure firewall, connected to on-premise…
asked 2023-11-17T13:34:57.64+00:00
Suwarna S Kale
1,191
Reputation points
accepted 2025-02-10T21:40:30.1466667+00:00
Suwarna S Kale
1,191
Reputation points
2 answers
One of the answers was accepted by the question author.
Express Route and VPN together
Our scenario: We are planning to use Express Route, VWAN integrated with Azure Firewall in East US (primary site) and West US (secondary/DR site) and we will be connecting the on-premise data center with Express Route. Questions: If we are using the…
asked 2023-10-17T12:02:02.0033333+00:00
Suwarna S Kale
1,191
Reputation points
accepted 2025-02-10T21:38:11.2733333+00:00
Suwarna S Kale
1,191
Reputation points
1 answer
How many public IP addresses can be attached to a FortiGate NVA deployed in Azure VWAN?
The team is deploying a FortiGate Firewall as a Network Virtual Appliance (NVA) in Azure VWAN architecture. The FortiGate firewall will serve as a centralized firewall to inspect traffic from other subscription VNets. Additionally, there is a need to…
asked 2025-02-04T13:20:06.5266667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(316.8, 91%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAK%3C/text%3E%3C/svg%3E)
Akshay Karoo
46
Reputation points
commented 2025-02-06T17:13:01.6333333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(54.400000000000006, 71%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGP%3C/text%3E%3C/svg%3E)
Ganesh Patapati
4,320
Reputation points Microsoft External Staff
1 answer
is Microsoft peering supported on vwan express route circuit and VNG ?
There is no mention of MS public peering on vWAN documentation. So trying to figure out. does vWAN express route support MS peering (to inject MS public IPs into on-prem Networks connected via express route circuit MS peering). If this is supported…
asked 2025-02-03T14:17:54.76+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(108.80000000000001, 7.000000000000001%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMK%3C/text%3E%3C/svg%3E)
Martin Kallukalam
365
Reputation points
answered 2025-02-03T15:52:20.4233333+00:00
Ganesh Patapati
4,320
Reputation points Microsoft External Staff
2 answers
One of the answers was accepted by the question author.
Virtual Network having Azure Bastion peered with vWAN Hub
Following is the Scenario. Would like to connect Spoke virtual network which has Azure Bastion resource to Azure Virtual WAN. As per Bastion FAQ, we need to disable default route propagation at 'virtual network connection' level when we do virtual…
asked 2025-01-31T18:24:13.0966667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(99.2, 25%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERV%3C/text%3E%3C/svg%3E)
Raviraj Velankar
136
Reputation points
answered 2025-02-01T03:29:57.48+00:00
Raviraj Velankar
136
Reputation points
1 answer
clarification on "bypass next hop ip for workloads within this vnet"
I am referring to the diagram attached (which is taken from Azure doc - route through an NVA) Here is my understanding of the routing : The 10.20.0.0/24 VNET is going to propagate the route to HUB default route table. This route will have a longer…
asked 2025-01-23T16:53:59.52+00:00
Martin Kallukalam
365
Reputation points
edited a comment 2025-01-30T01:34:19.0833333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(134.4, 59%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECM%3C/text%3E%3C/svg%3E)
ChaitanyaNaykodi-MSFT
27,121
Reputation points Microsoft Employee
1 answer
One of the answers was accepted by the question author.
Question on Azure Virtual WAN w/ P2S Configuration
I'm in the process of looking at and building out an Azure Virtual WAN. Before doing this, I have previously tested creating an Azure Virtual Network Gateway and successfully connected via a standard Site-to-Site VPN tunnel as well as Point-to-Site…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(105.60000000000001, 44%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EK%3C/text%3E%3C/svg%3E)
1 answer
One of the answers was accepted by the question author.
Virtual Hub - VPN Gateway - IKE Lifetime
Hello, In a custom IPsec configuration there is only one lifetime setting defined as: 'SA Lifetime in seconds' - I understand this is the Phase 2 lifetime from the description. What is then the lifetime for the IKE Phase 1 tunnel ? How can I check these…
asked 2025-01-16T09:53:56.4466667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(297.6, 3%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECC%3C/text%3E%3C/svg%3E)
Caldeira Coutinho Diogo
40
Reputation points
edited a comment 2025-01-17T17:17:51.0233333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(204.8, 81%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESP%3C/text%3E%3C/svg%3E)
Sai Prasanna Sinde
4,260
Reputation points Microsoft External Staff
1 answer
Azure Network Connectivity Issue between vWAN and VPN Gateway
Good day, Azure community I’m facing network connectivity issue with my current setup, I can’t ping between two Azure VMs (native vm) the network setup as following: 2x VMs each VM on different vNet, (vNet1=10.194.0.0/24) & (vNet2=10.1.0.0/24) …
asked 2025-01-10T19:40:05.2133333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(3.2, 65%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ES%3C/text%3E%3C/svg%3E)
SID
20
Reputation points
commented 2025-01-16T00:59:19.4966667+00:00
Rohith Vinnakota
3,150
Reputation points Microsoft External Staff
0 answers
How to backup the existing config in VHUB and VPN sites to be restored?
Hello, I need some guidance on how to fully export the existing config of a virtual wan resource with its virtual hub and vpn sites already configured, and a clear mechanism in how to use those templates to restore the config in case of any human error…
asked 2024-12-26T19:09:31.49+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(313.6, 73%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EFA%3C/text%3E%3C/svg%3E)
Fernando Ariel Chirkinian
20
Reputation points
commented 2025-01-02T16:41:49.5533333+00:00
Sai Prasanna Sinde
4,260
Reputation points Microsoft External Staff
0 answers
Automating IPSec Connections: Retrieving vWAN Hub Public IP with Terraform
I want to implement a Terraform module to create an IPSec connection between a vWAN Hub and my on-premises site. To automate this process, I need to retrieve the public IP address of the vWAN Hub. Is it possible to retrieve the hub's public IP using…
asked 2024-12-30T08:33:46.98+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(160, 26%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EIA%3C/text%3E%3C/svg%3E)
Itay Alayoff
0
Reputation points
commented 2025-01-02T11:25:06.5833333+00:00
Ganesh Patapati
4,320
Reputation points Microsoft External Staff
2 answers
One of the answers was accepted by the question author.
We have an Azure Virtual WAN deployement secure by Azure Firewall High Availability
Do i understand correctly that everthing inside virtual WAN is deployed automaticaly in Availability zones? Besides the Azure Firewall components for this you need to redeploy them. https://learn.microsoft.com/en-us/azure/virtual-wan/virtual-wan-faq I…
asked 2024-12-16T12:23:16.32+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(262.40000000000003, 63%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDM%3C/text%3E%3C/svg%3E)
De Muyter, Frederik (INF)
20
Reputation points
accepted 2024-12-17T09:25:20.2233333+00:00
De Muyter, Frederik (INF)
20
Reputation points
0 answers
vWAN - azure verified module for terraform
Description I am trying to use AVM virtual WAN pattern module for terraform using with long variables.tf and local.tf. In order to pass values to object variables in specific object variable I created separate auto.tfvars for the vhub, firewall,…
asked 2024-12-10T03:23:44.55+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(44.800000000000004, 52%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPC%3C/text%3E%3C/svg%3E)
Prasant Chettri
146
Reputation points
commented 2024-12-11T11:18:20.3233333+00:00
KapilAnanth-MSFT
48,791
Reputation points Microsoft Employee
1 answer
How do we resolve ConnectionRoutingConfigConflictsWithRoutingIntent Error?
I have a hub virtual network connection with the routing configurations enabled with defaultRouteTable and when we associate this connection with a Secured Virtual WAN Hub (routing Intent Enabled), the error observed is…
asked 2024-12-02T15:20:09.7466667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(60.8, 69%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKS%3C/text%3E%3C/svg%3E)
Krishna Sridhar
0
Reputation points
answered 2024-12-02T18:06:03.8233333+00:00
Ganesh Patapati
4,320
Reputation points Microsoft External Staff
1 answer
One of the answers was accepted by the question author.
How to create an effective route for Virtual HUB with type VPN_S2S_Gateway with out AS PATH field
Hi, We are trying to recreate a situation we saw previously on our system, which is inside the effective routes of a Virutual HUB with Azure Firewall and Routing Intent enabled. The case was an effective route in the default routing table we had a…
asked 2024-11-24T10:31:37.04+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(201.6, 80%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESE%3C/text%3E%3C/svg%3E)
Shaked Eyal
86
Reputation points
accepted 2024-11-26T07:34:40.3266667+00:00
Shaked Eyal
86
Reputation points